package com.etcn.manager.filter;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import com.etcn.manager.model.TUser;
import com.etcn.manager.service.UserManagerService;
@Component
public class AdminLoginFilter implements Filter {

	@Autowired
	private UserManagerService userManagerService;
	@Override
	public void destroy() {
		// TODO Auto-generated method stub
	}
	@Override
	public void doFilter(ServletRequest req, ServletResponse resp,
			FilterChain chain) throws IOException, ServletException {
		// TODO Auto-generated method stub
		HttpServletRequest request = (HttpServletRequest)req; 
		HttpServletResponse response = (HttpServletResponse)resp;
		HttpSession session = request.getSession();
		String path  = request.getRequestURI();
		String username = (String)session.getAttribute("username");
		//如果直接访问login.jsp，放行~~~
		if(path.indexOf("login.jsp")>-1||(path.indexOf("logout")>-1 && path.indexOf("logout.do")==-1)||path.indexOf("checkUser")>-1||path.indexOf("checkPwd")>-1){
			chain.doFilter(request, response);
			return;
		}
		//如果session为空（session中是否有username属性值），那么检查是不是登陆请求
		if("".equals(username) || username == null){
			String name = request.getParameter("j_username");
			String pwd = request.getParameter("j_password");
			//如果是登陆请求（用户名，密码不为空），检查用户是否合法用户
			if(!"".equals(name)&& name != null && !"".equals(pwd) && pwd!=null){
				//如果是合法用户，将用户名放入session中
				TUser user =userManagerService.checkUser(name, pwd);
				if(user!=null){
					session.setAttribute("username", name);
					request.getSession().setAttribute("userId", user.getId());
					request.getSession().setAttribute("userType", user.getUserType());
					chain.doFilter(request, response);
					return;
				}
				else response.sendRedirect(request.getContextPath()+"/manage/login.jsp");
			}
			else response.sendRedirect(request.getContextPath()+"/manage/login.jsp");
		}
		else if(path.indexOf("logout.do")>-1){
			System.out.println("注销登录！");
			session.removeAttribute("username");
			session.invalidate();
//			response.setCharacterEncoding("utf-8"); 
//			response.setContentType("text/html; charset=utf-8"); 
//			PrintWriter out  = response.getWriter();
//			out.print("<h2>退出成功！</h2><h3><a href='../'>重新登录</a></h3>");
			response.sendRedirect(request.getContextPath()+"/manage/login.jsp");
			return;
		}
		else{
			chain.doFilter(request, response);
			return;
		}
			
	}

	@Override
	public void init(FilterConfig arg0) throws ServletException {
		// TODO Auto-generated method stub

	}

}
